Using GPG with Thunderbird

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Added option to install Enigmail through Thunderbird)
(Configuring a GPG Signature in Thunderbird)
Line 65: Line 65:
 
* Open '''Thunderbird Email''', and select ''Edit > Account Settings''.
 
* Open '''Thunderbird Email''', and select ''Edit > Account Settings''.
  
* Choose ''OpenPGP Security'' for the e-mail account that requires digital signatures.
+
* Choose '''OpenPGP Security''' for the e-mail account that requires digital signatures.
  
* Select ''Enable OpenPGP support (Enigmail) for this identity''. If your GPG key lists a different email address to the address for this identity, select ''Use specific OpenPGP key ID'', and enter the ID of the key.
+
* Select '''Enable OpenPGP support (Enigmail) for this identity'''. If your GPG key lists a different email address to the address for this identity, select ''Use specific OpenPGP key ID'', and enter the ID of the key.
  
* To automatically sign all emails from this account, select both ''Sign non-encrypted messages by default'', and ''Sign encrypted messages by default''. Select ''Advanced'', ''PGP/MIME'', and choose ''Always use PGP/MIME''. Select ''OK'' to close the ''OpenPGP Preferences''.
+
* To automatically sign all emails from this account, select both '''Sign non-encrypted messages by default''', and '''Sign encrypted messages by default'''. Selecting '''Use PGP/MIME by default''' will use always use PGP/MIME which will work better on most recipients email clients. Select ''OK'' to close the ''Account Settings''.
  
 
* Choose ''Composition & Addressing'' for the same account. Ensure that ''Compose messages in HTML format'' is disabled.
 
* Choose ''Composition & Addressing'' for the same account. Ensure that ''Compose messages in HTML format'' is disabled.
  
 
* Choose ''OK'' to apply the changes.
 
* Choose ''OK'' to apply the changes.
 
  
 
== Sending a Signed E-mail with Thunderbird ==
 
== Sending a Signed E-mail with Thunderbird ==

Revision as of 19:57, 23 October 2013

Contents

Using GPG Keys with Mozilla Mail Clients

Fedora Core includes Mozilla Thunderbird in the thunderbird package, and the mozilla-mail package for the Mozilla Suite email application. Thunderbird is the recommended Mozilla email application. This appears on your desktop as Applications > Internet > Thunderbird Email.

Mozilla products support extensions, plugins that add new features to the main application. The Enigmail extensions provide GPG support to email products from Mozilla. Versions of Enigmail exist for both Mozilla Thunderbird, and the Mozilla Suite (Seamonkey). Netscape software from AOL is based on the Mozilla products, and may also use this extension.

To install Enigmail on Fedora systems, follow the instructions given below.

Enigmail uses the term OpenPGP in menu items and options. GPG is an implementation of OpenPGP, and you may treat the terms as equivalent.

The homepage for Enigmail is: http://enigmail.mozdev.org/download.html.

This page provides screenshots of Enigmail and GPG in action: http://enigmail.mozdev.org/screenshots.html

Installing Enigmail on Fedora

There are two ways to install Enigmail on Fedora systems, perform the following steps:

Using Yum

Enigmail is now available in fedora repository. It can be installed by typing:

yum install thunderbird-enigmail

Using Thunderbird

  • Open Thunderbird and through the application menu select "Add-ons".
  • A new tab will open with the Add-ons Manager. On the search box search for enigmail.
  • A list of results will appear. Click "install" on Enigmail. When installation is complete you will need to restart Thunderbird.

Manually

  • Download the relevant extension. Fedora Core 4 includes Thunderbird version 1. Fedora Core 5 supplies Thunderbird version 1.5. In Firefox, right-click the relevant extension, choose Save Link As..., and select Save. Mozilla extensions are XPI files, and have the suffix .xpi at the end of the filename.
  • If Thunderbird is currently running, close it.
  • To install the specified extension for all users, run Thunderbird as the root user with the -install-global-extension option. For example, to install /home/me/enigmail-0.94.0-tb15-linux.xpi, enter following command:
su -c 'thunderbird -install-global-extension /home/me/enigmail-0.94.0-tb15-linux.xpi'

Enter the root password when prompted.

This command installs the extension without opening a window on your desktop.

  • Alternatively, to install the extension for your account only, load Thunderbird and choose Tools > Extensions > Install. Select the XPI file, and OK. Close Thunderbird.
  • Load Thunderbird as normal. If you see the OpenPGP menu, Enigmail is successfully installed.

Signed messages automatically display their status at the top of the message window. To sign messages that you send, follow the instructions below.

Configuring a GPG Signature in Thunderbird

  • Install the Enigmail extension, as explained above.
  • If you do not have a GPG key, follow the instructions on this page to generate your key: [wiki:DocsProject/UsingGpg/CreatingKeys]
  • Open Thunderbird Email, and select Edit > Account Settings.
  • Choose OpenPGP Security for the e-mail account that requires digital signatures.
  • Select Enable OpenPGP support (Enigmail) for this identity. If your GPG key lists a different email address to the address for this identity, select Use specific OpenPGP key ID, and enter the ID of the key.
  • To automatically sign all emails from this account, select both Sign non-encrypted messages by default, and Sign encrypted messages by default. Selecting Use PGP/MIME by default will use always use PGP/MIME which will work better on most recipients email clients. Select OK to close the Account Settings.
  • Choose Composition & Addressing for the same account. Ensure that Compose messages in HTML format is disabled.
  • Choose OK to apply the changes.

Sending a Signed E-mail with Thunderbird

If you configure Thunderbird to sign email for the account by default, the emails that you send automatically include your GPG signature.

Otherwise, follow these steps to send a single email with a GPG digital signature:

  1. Select Write.
  2. Compose the message as normal.
  3. Click the OpenPGP button. Select both Sign Message and Use PGP/MIME, and choose OK.
  4. Choose Send.
  5. If prompted, enter the passphrase for your GPG key.